Security Management Strategies for the CIO
Email Alerts
-
HIPAA compliance manual: Training, audit and requirement checklist
In this HIPAA compliance manual you will recieve advice on how to prepare for a security audit as well as a checklist for HIPAA training, gudielines and requirements. Learning Guide
-
Quiz: How to meet HIPAA compliance requirements
Think you know HIPAA? Test your knowledge with this five-question quiz. Quiz
-
Policies and regulatory compliance
An overview of the type of policies needed for regulatory compliance. Information Security maga
-
Survey results highlight the importance of HIPAA compliance training
The Vice President of Policy and Government Relations for the American Health Information Management Association speaks out on the importance of compliance training. Executive Briefing
-
Making sense of the maze
The program director of regulatory compliance for the Object Management Group discusses a new project known as Compliance Global Regulatory Information Database, which should help businesses manage regulatory compliance demands across international b... Executive Briefing
-
Ensure that legal responsibilities are clear -- Especially when trouble strikes
Excerpt from Chapter 15 of Information Nation Warrior: Information Management Compliance Boot Camp. Book Chapter
-
SAP Security Learning Guide
This guide pulls SAP security information from both SearchSecurity.com and its sister site, SearchSAP.com, to provide the most comprehensive resource around for all aspects of making your SAP system bulletproof. Learning Guide
-
Nominate your peers
Security Seven Awards
-
Security Pop Quiz: Racing to the HIPAA finish line
Find out where you stand on your knowledge of HIPAA with this mini-quiz. Quiz
-
ID theft and national security
Check out what some ITKnowledge Exchange members had to say about this controversial issue. Security Speak-Out
- See more Essential Knowledge on HIPAA
-
Harsher penalties for HIPAA violations altering compliance efforts
More frequent audits and larger penalties for violating HIPAA are motivating enterprises to tame HIPAA compliance challenges, Gartner analysts say. News | 11 Jun 2013
-
HIPAA Omnibus Rule, PPACA challenge enterprise compliance management
Compliance practitioners say new mandates like the HIPAA Omnibus Rule and Obamacare are making enterprise compliance management even harder. News | 31 May 2013
-
Rite Aid to pay $1 million in HIPAA settlement
In its settlement agreement with the HHS over alleged HIPAA violations, the pharmacy chain will pay $1 million and must establish procedures for disposing of protected health information (PHI). News | 28 Jul 2010
-
Cost of security, IT management add up at healthcare facilities, study finds
Digitalizing healthcare records and new health systems fail to cut costs, according to new research from Harvard University. Security and other management costs add up. Article | 24 Nov 2009
-
Healthcare security spending remains sluggish, report shows
Billions for electronic healthcare records aren't driving security budgets up, according to the Healthcare Information and Management Systems Society. Article | 09 Nov 2009
-
HITECH Act incentives translate to opportunities for VARs
Healthcare organizations are moving quickly to grab a piece of the $19.2 billion in incentives earmarked by the Health Information Technology for Economic and Clinical Health (HITECH) Act to convert to digital medical records. The channel must move q... Article | 28 Sep 2009
-
FTC extends breach notification to Web-based health repositories
Companies that collect and retain health data and aren't covered under HIPAA are now subject to similar breach notification rules, according to a new FTC ruling. Article | 18 Aug 2009
-
HIPAA changes force healthcare to improve data flow
Do you know where your data is? The latest HIPAA changes should motivate healthcare security teams to understand information flows. Column | 02 Mar 2009
-
CVS pays $2.25 million HIPAA violation settlement
CVS pharmacy employees allegedly committed a HIPAA violiation when tossing pill bottle labels with patient information into the trash. Article | 18 Feb 2009
-
Hacked dental school server compromises 300,000
A hacker used a vulnerability scanning tool to compromise a server at the University of Florida's College of Dentistry, compromising the sensitive information of patients. Article | 17 Nov 2008
- See more News on HIPAA
-
A HIPAA compliance checklist for corporate mergers and acquisitions
Learn about the important HIPAA compliance best practices that can help maintain compliance before and after a corporate merger or acquisition. Tip
-
The HIPAA omnibus rule: How the changes affect IT security pros
The new HIPAA omnibus rule begins a new chapter in HIPAA compliance. Learn how the changes will affect IT security pros and how to comply. Tip
-
Windows Server 2012 security: Is it time to upgrade?
Expert Michael Cobb wades through the security features of Windows Server 2012 to find out what's new and beneficial in Microsoft's latest release. Tip
-
HIPAA compliance: How to prepare for upcoming KPMG HIPAA audits
KPMG HIPAA audits will hit 150 companies this year. What if yours is one of them? Mike Chapple explains how to handle the HIPAA compliance hot seat. Tip
-
Proposed HIPAA privacy rules changes may demand new tools, processes
Proposed HIPAA privacy rules changes may require companies to keep closer tabs on electronic health records. Charles Denyer explains what it may mean for enterprise compliance. Tip
-
Best practices for enterprise database compliance
Successful enterprise database compliance means, for starters, access must be tightly controlled and monitored. Charles Denyer covers key database compliance essentials. Tip
-
Using standardized enterprise security practices to secure and defend your network
PCI DSS, HIPAA, ISO and other enterprise compliance guidelines offer a foundation to build repeatable information security processes and procedures. Marcos Christodonte II explains how. Tip
-
HIPAA covered entity and business associate agreement requirements
Under HITECH, both "covered entities" and "business associates" must comply with HIPAA data protection mandates, but, as a covered entity, what's the best way both to maintain compliance for your organization, and make sure all your BAs are compliant... Tip
-
New security breach notification rules expand security requirements
The Department of Health and Human Services and the Federal Trade Commission last year issued security breach notification rules for disclosure of unsecured personal health information. In this tip, Andrew Baer explains how the new rules expand data... Tip
-
Creating a HIPAA employee training program
Want to get your employees on board the HIPPA/HITECH compliance train? Learn how to create a HIPAA employee awareness training program to make sure employees understand what's at stake. Tip
- See more Tips on HIPAA
-
HIPAA compliance training: How to prevent lost or stolen devices
Mike Chapple explains how enterprises can help lessen the impact of lost or stolen devices as part of HIPAA compliance training. Answer
-
Does ISO 27001 certification mean HIPAA and HITECH compliance?
Mike Chapple clarifies the difference between ISO 27001 certification and HIPAA and HITECH compliance. Answer
-
How do the HIPAA Security Final Rule and meaningful use rule differ?
Expert Mike Chapple discusses the HIPAA Security Final Rule and the meaningful use rule, including what each entails and how they differ. Answer
-
HITRUST C-TAS: Is it the new compliance mandate?
Mike Chapple discusses the new HITRUST C-TAS information-sharing consortium and clarifies whether it relates to the HIPAA compliance mandate. Answer
-
HIPAA encryption requirements: How to avoid a breach disclosure
Charles Denyer explains the necessity of encrypting customer data with respect to HIPAA encryption requirements and squares out what enterprises should expect. Answer
-
HIPAA password policy: Managing Windows stored usernames and passwords
Under HIPAA, is it allowable to store Windows usernames and passwords? In this expert response, Ernie Hayden discusses managing access for companies that must be HIPAA compliant. Ask the Expert
-
HIPAA and Social Security numbers in a hospital computer network
Learn when Social Security numbers can be used for patient identification without violating HIPAA patient confidentiality requirements. Ask the Expert
-
How to encrypt data-at-rest to meet the HITECH act regulations
What's the best way to encrypt data-at-rest to meet the HITECH act regulations? Learn how to interpret guidance from NIST 800-111 in this security management expert response from David Mortman. Ask the Expert
-
How to destroy data on a hard drive to comply with HIPAA regulations
Looking to destroy HIPAA data on a hard drive? Learn the best way to destroy a hard drive to comply with HIPAA regulations in this expert response from David Mortman. Ask the Expert
-
How to provide access to Web content (while ensuring network security)
A reader asks expert Michael Cobb how healthcare organizations should allow Web access without compromising network security. Ask the Expert
- See more Expert Advice on HIPAA
-
HIPAA business associate
As defined by the Health Information Portability and Accountability Act (HIPAA), a business associate is any organization or person working in association with or providing services to a covered entity who handles or discloses Personal Health Informa... Definition
-
Tackle virtualization compliance by balancing business, security needs
Security and business cultures don't always mesh, but virtualization compliance requires balance between them. Eric Ogren explains in this tutorial. Video
-
Video: PCI liability, HIPAA enforcement rule, breach notification laws
Attorney David Navetta discusses why PCI liability matters to card brands, the effect of the HIPAA enforcement rule and breach notification laws. Video
-
Managing third-party compliance
In this podcast, special guest expert Richard Mackey offers tips on managing third-party compliance and risk. Podcast
-
Harsher penalties for HIPAA violations altering compliance efforts
More frequent audits and larger penalties for violating HIPAA are motivating enterprises to tame HIPAA compliance challenges, Gartner analysts say. News
-
HIPAA Omnibus Rule, PPACA challenge enterprise compliance management
Compliance practitioners say new mandates like the HIPAA Omnibus Rule and Obamacare are making enterprise compliance management even harder. News
-
A HIPAA compliance checklist for corporate mergers and acquisitions
Learn about the important HIPAA compliance best practices that can help maintain compliance before and after a corporate merger or acquisition. Tip
-
HIPAA compliance training: How to prevent lost or stolen devices
Mike Chapple explains how enterprises can help lessen the impact of lost or stolen devices as part of HIPAA compliance training. Answer
-
Does ISO 27001 certification mean HIPAA and HITECH compliance?
Mike Chapple clarifies the difference between ISO 27001 certification and HIPAA and HITECH compliance. Answer
-
The HIPAA omnibus rule: How the changes affect IT security pros
The new HIPAA omnibus rule begins a new chapter in HIPAA compliance. Learn how the changes will affect IT security pros and how to comply. Tip
-
How do the HIPAA Security Final Rule and meaningful use rule differ?
Expert Mike Chapple discusses the HIPAA Security Final Rule and the meaningful use rule, including what each entails and how they differ. Answer
-
Windows Server 2012 security: Is it time to upgrade?
Expert Michael Cobb wades through the security features of Windows Server 2012 to find out what's new and beneficial in Microsoft's latest release. Tip
-
HITRUST C-TAS: Is it the new compliance mandate?
Mike Chapple discusses the new HITRUST C-TAS information-sharing consortium and clarifies whether it relates to the HIPAA compliance mandate. Answer
-
Tackle virtualization compliance by balancing business, security needs
Security and business cultures don't always mesh, but virtualization compliance requires balance between them. Eric Ogren explains in this tutorial. Video
- See more All on HIPAA
About HIPAA
In this guide get information on the Health Insurance Portability and Accountability Act (HIPAA). Learn about HIPAA privacy laws, compliance, regulations, rules, violations, audits, training and records.